CVE-2026-44232

DSSRF is a Node.js library that provides a wide range of utilities and advanced SSRF defense checks. Prior to 1.3.0, every IPv6 category bypasses isurlsafe. This vulnerability is fixed in 1.3.0...

NocoDB has Blind SSRF via Unvalidated HEAD Request in uploadViaURL Functionality

Summary A blind Server-Side Request Forgery SSRF vulnerability exists in the uploadViaURL functionality due to an unprotected HEAD request. While the subsequent file retrieval logic correctly enforces SSRF protections, the initial metadata request executes without validation. This allows limited...